<?php
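	session_start();
	// Only logged-in students (role 'STU') may use this page.
	// empty()/isset() also cover a missing session key, which a bare array read would raise a notice for.
	if (empty($_SESSION["username"]) || !isset($_SESSION["role"]) || $_SESSION["role"] != 'STU') {
		// header() only queues the redirect. Without exit the rest of this script,
		// including the submitForm() call further down, still runs for an
		// unauthenticated request and its output is sent along with the redirect.
		header("location:login.php");
		exit;
	}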
	
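	/**
	 * Handles a posted peer review.
	 *
	 * On a POST with a non-empty student1 field, looks up the logged-in user's
	 * User_ID and inserts one row into peerreviews (week plus up to four review
	 * texts), then echoes a success or failure banner. On a POST without
	 * student1, echoes the "can't submit" banner. Does nothing for other
	 * request methods.
	 *
	 * NOTE(review): this state-changing POST carries no anti-CSRF token; the form
	 * that feeds it would need to emit one for this function to verify.
	 */
	function submitForm() {
		if ($_SERVER['REQUEST_METHOD'] != 'POST') {
			return;
		}

		// student1 must be a non-empty string; array-shaped input (student1[]=x) is refused too.
		if (!isset($_POST['student1']) || !is_string($_POST['student1']) || $_POST['student1'] == "") {
			echo '<div id="error" style="display:block;">';
			echo "<a href='groups.php'>You can't submit a review at this time.</a>";
			echo '</div>';
			return;
		}

		// Connect to server and select database.
		// NOTE(review): the application connects as root with an empty password; a
		// dedicated account limited to this schema would contain the damage of any query flaw.
		mysql_connect("localhost", "root", "")or die("cannot connect");
		mysql_select_db("Project 5.5")or die("cannot select DB");

		// Every value placed into SQL below is escaped first. The mysql_* extension
		// was removed in PHP 7; prepared statements via mysqli/PDO are the durable
		// fix, escaping keeps this function within the API the file already uses.
		$sql='SELECT User_ID FROM users WHERE Username = "'.mysql_real_escape_string($_SESSION['username']).'"';
		$lookup=mysql_query($sql);
		$result=$lookup ? mysql_fetch_row($lookup) : false;
		if (!$result) {
			// No matching user row (or the query failed): nothing to attribute the review to.
			echo '<div id="error" style="display:block;">';
			echo "<a href='groups.php'>Your review could not be saved.</a>";
			echo '</div>';
			return;
		}
		$user=$result[0];

		// The form's select is named "week[]", so PHP delivers it as an array; take
		// its first element. The options are week numbers, so the value is forced to
		// an integer (presumably the Week column is numeric; confirm against the schema).
		$week=isset($_POST['week']) ? $_POST['week'] : '';
		if (is_array($week)) {
			$week=reset($week);
		}
		$week=is_scalar($week) ? (int)$week : 0;

		// Review texts are free-form user input: missing or non-string fields become ''.
		$reviews=array();
		for ($n=1; $n<=4; $n++) {
			$field='student'.$n;
			$text=(isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
			$reviews[]=mysql_real_escape_string($text);
		}

		// inserts peer review to db
		$sql='INSERT INTO peerreviews (Week,User_ID,Review_1,Review_2,Review_3,Review_4) VALUES (';
		$sql.='"'.$week.'","'.mysql_real_escape_string($user).'","'.implode('","', $reviews).'")';
		$saved=mysql_query($sql);

		if ($saved) {
			echo '<div id="error" style="display:block;background:#9F9;color:#777;">';
			echo '<a href="groups.php">Review Submitted Successfully.</a>';
			echo '</div>';
		} else {
			// Previously the success banner was shown even when the INSERT failed.
			echo '<div id="error" style="display:block;">';
			echo "<a href='groups.php'>Your review could not be saved.</a>";
			echo '</div>';
		}
	}		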

	//fills out the form with existing data
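	/**
	 * Echoes the body of the review form as an HTML table: a week selector
	 * (1-13) followed by one textarea per other member of the group named by
	 * $_GET['groupid'], labelled with that member's first and last name.
	 *
	 * NOTE(review): nothing here checks that the logged-in student belongs to
	 * the requested group, so the member names of any group are shown to any
	 * student who supplies its id. Confirm whether that is intended.
	 * NOTE(review): submitForm() stores only student1..student4, so a group with
	 * more than four other members gets textareas whose content is dropped.
	 */
	function populateForm() {
		// Connect to server and select database.
		// NOTE(review): the application connects as root with an empty password; a
		// dedicated account limited to this schema would contain the damage of any query flaw.
		mysql_connect("localhost", "root", "")or die("cannot connect");
		mysql_select_db("Project 5.5")or die("cannot select DB");

		// groupid comes from the query string and is used unquoted in SQL below, where
		// string escaping would not help; forcing it to an integer is what makes it safe.
		$groupid=(isset($_GET['groupid']) && is_scalar($_GET['groupid'])) ? (int)$_GET['groupid'] : 0;

		$sql='SELECT User_ID FROM users WHERE Username = "'.mysql_real_escape_string($_SESSION['username']).'"';
		$lookup=mysql_query($sql);
		$result=$lookup ? mysql_fetch_row($lookup) : false;
		// User_ID is also used unquoted below, so it is cast as well; 0 when the lookup finds nothing.
		$user=$result ? (int)$result[0] : 0;

		echo '<table><tr><td width="100" align="right">Week: </td><td width="250"><select name="week[]">';
		// The counter was never initialised before, which produced an empty first option.
		for ($count=1; $count<=13; $count++) {
			echo '<option value="'.$count.'">'.$count.'</option>';
		}
		echo '</select></td></tr>';

		$sql='SELECT User_ID FROM studentinfo WHERE Group_ID = '.$groupid.' AND User_ID <> '.$user;
		$members=mysql_query($sql);
		$i=1;
		// A failed query yields false; skip the loop rather than fetch from a non-resource.
		while ($members && ($row = mysql_fetch_row($members))){
			$sql='SELECT First_Name, Last_Name FROM users WHERE User_ID = '.(int)$row[0];
			$nameQuery=mysql_query($sql);
			$student=$nameQuery ? mysql_fetch_row($nameQuery) : false;
			// Names are stored data written into HTML, so they are escaped on output.
			// The page declares iso-8859-1, hence the explicit charset argument.
			$first=$student ? htmlspecialchars($student[0], ENT_QUOTES, 'ISO-8859-1') : '';
			$last=$student ? htmlspecialchars($student[1], ENT_QUOTES, 'ISO-8859-1') : '';
			echo '<tr><td align="right">'.$first.' '.$last.': </td><td>';
			echo '<textarea style="height:48px;width:250px;" name="student'.$i.'" id="student'.$i.'"></textarea></td></tr>';
			$i++;
		}

		echo '</table>';
	}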
	
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
	<title>Online Peer Review</title>	
	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
	<link href="css/main.css" rel="stylesheet" type="text/css" />
	<script type="text/javascript" src="js/formsValidate.js"/></script>
</head>
<body>
	<div id="topbar">
		<div id="qut_logo" />  
		<img src="../img/strapline.png" alt="Slogan" id="slogan"/>
	</div>
	<div id="menubar">
		<div id="breadcrumbs">
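			<a href="index.php">Home</a> \ <a href='groups.php'>Groups</a> \ <a href="peer-review.php?groupid=<?php /* groupid is taken from the query string; it is emitted as an integer so request data can never close the href attribute or add markup */ echo (isset($_GET['groupid']) && is_scalar($_GET['groupid'])) ? (int)$_GET['groupid'] : ''; ?>">Online Peer Review</a>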
		</div>
		<div id="logout"> 
			<a href="login.php?destroy=true">Log Out</a>
		</div>
	</div>
	
	<?php 
		// Runs the POST handler; it echoes its own success/error banner at this point in the page.
		submitForm();
	?>
	<a href='<?php /* NOTE(review): the expression is never echoed, so href renders empty and the link targets the current URL. If an echo is added, HTML-escape PHP_SELF first: it can carry client-supplied path info. */ $_SERVER['PHP_SELF'] ?>'>
		<div id="error">
		</div>
	</a>
	<div id="namebar_review" ></div>
	<div id="body">
		<br/>
		
		<div style="font-size:14pt; font-weight:bold; text-decoration:none; width: 500px; padding-bottom:15px; background-color:#FFF; text-align:center;margin:auto;">
			<div style="background-color: #CCC;font-size:25pt;font-weight:bold;">
				Online Peer Review
			</div>
			Fill out the Peer Review form for this week.<br/>
			<form action="<?php /* NOTE(review): no echo, so action renders empty and browsers post back to the current URL, query string (groupid) included. If this becomes an echo, pass PHP_SELF through htmlspecialchars() first. */ $_SERVER['PHP_SELF'] ?>" method="post" name="peerreviewform" id="peerreviewform" onsubmit="return validateForm('peerreviewform');">
			<center>
				<?php
					// The week selector and review textareas are only rendered when a
					// group id is present in the query string; otherwise the form is empty.
					if(isset($_GET['groupid'])){
						populateForm();
						}
				?>

			</center>
			<br />
			<center>
				<input class="subBtn" type="submit" value="" />
				<a href="groups.php">
				<input  class="CancelBtn" type="button" name="cancel"/>
				</a>
			</center>
			<br/><br/>
		</form>
		</div>
		
			
		
	</div>
	
	<div id="bottombg">
		<p>
			<a style="color:#333" href="http://www.qut.edu.au/additional/privacy">Privacy</a> 
			|
			<a style="color:#333" href="http://www.qut.edu.au/additional/copyright">Copyright</a>
			|
			<a style="color:#333" href="http://www.qut.edu.au/additional/disclaimer">Disclaimer</a>
			|
			<a style="color:#333" href="http://www.qut.edu.au/additional/accessibility">Accessibility</a>
		</p>
	</div>
</body>
</html>